npm
diff --git a/‎.github/actions/create-check/action.yml
Lines changed: 52 additions & 0 deletions b/‎.github/actions/create-check/action.yml
Lines changed: 52 additions & 0 deletions
diff --git a/‎.github/actions/install-latest-npm/action.yml
Lines changed: 58 additions & 0 deletions b/‎.github/actions/install-latest-npm/action.yml
Lines changed: 58 additions & 0 deletions
diff --git a/‎.github/workflows/audit.yml
Lines changed: 3 additions & 30 deletions b/‎.github/workflows/audit.yml
Lines changed: 3 additions & 30 deletions
@@ -0,0 +1,52 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: 'Create Check'
+inputs:
+  name:
+    required: true
+  token:
+    required: true
+  sha:
+    required: true
+  check-name:
+    default: ''
+outputs:
+  check-id:
+    value: ${{ steps.create-check.outputs.check_id }}
+runs:
+  using: "composite"
+  steps:
+    - name: Get Workflow Job
+      uses: actions/github-script@v6
+      id: workflow
+      env:
+        JOB_NAME: "${{ inputs.name }}"
+        SHA: "${{ inputs.sha }}"
+      with:
+        result-encoding: string
+        script: |
+          const { repo: { owner, repo}, runId, serverUrl } = context          
+          const { JOB_NAME, SHA } = process.env
+
+          const job = await github.rest.actions.listJobsForWorkflowRun({
+            owner,
+            repo,
+            run_id: runId,
+            per_page: 100
+          }).then(r => r.data.jobs.find(j => j.name.endsWith(JOB_NAME)))
+
+          return [
+            `This check is assosciated with ${serverUrl}/${owner}/${repo}/commit/${SHA}.`,
+            'Run logs:',
+            job?.html_url || `could not be found for a job ending with: "${JOB_NAME}"`,
+          ].join(' ')
+    - name: Create Check
+      uses: LouisBrunner/checks-action@v1.6.0
+      id: create-check
+      with:
+        token: ${{ inputs.token }}
+        sha: ${{ inputs.sha }}
+        status: in_progress
+        name: ${{ inputs.check-name || inputs.name }}
+        output: |
+          {"summary":"${{ steps.workflow.outputs.result }}"}
@@ -0,0 +1,58 @@
+# This file is automatically added by @npmcli/template-oss. Do not edit.
+
+name: 'Install Latest npm'
+description: 'Install the latest version of npm compatible with the Node version'
+inputs:
+  node:
+    description: 'Current Node version'
+    required: true
+runs:
+  using: "composite"
+  steps:
+    # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows
+    - name: Update Windows npm
+      if: |
+        runner.os == 'Windows' && (
+          startsWith(inputs.node, 'v10.') ||
+          startsWith(inputs.node, 'v12.') ||
+          startsWith(inputs.node, 'v14.')
+        )
+      shell: cmd
+      run: |
+        curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
+        tar xf npm-7.5.4.tgz
+        cd package
+        node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
+        cd ..
+        rmdir /s /q package
+    - name: Install Latest npm
+      shell: bash
+      env:
+        NODE_VERSION: ${{ inputs.node }}
+      working-directory: ${{ runner.temp }}
+      run: |
+        MATCH=""
+        SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6")
+
+        echo "node@$NODE_VERSION"
+
+        for SPEC in ${SPECS[@]}; do
+          ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node')
+          echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)"
+
+          if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then
+            MATCH=$SPEC
+            echo "Found compatible version: npm@$MATCH"
+            break
+          fi  
+        done
+
+        if [ -z $MATCH ]; then
+          echo "Could not find a compatible version of npm for node@$NODE_VERSION"
+          exit 1
+        fi
+
+        npm i --prefer-online --no-fund --no-audit -g npm@$MATCH
+    - name: npm Version
+      shell: bash
+      run: npm -v
@@ -29,37 +29,10 @@ jobs:
         with:
           node-version: 20.x
           check-latest: contains('20.x', '.x')
-
       - name: Install Latest npm
-        shell: bash
-        env:
-          NODE_VERSION: ${{ steps.node.outputs.node-version }}
-        run: |
-          MATCH=""
-          SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6")
-
-          echo "node@$NODE_VERSION"
-
-          for SPEC in ${SPECS[@]}; do
-            ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node')
-            echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)"
-
-            if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then
-              MATCH=$SPEC
-              echo "Found compatible version: npm@$MATCH"
-              break
-            fi  
-          done
-
-          if [ -z $MATCH ]; then
-            echo "Could not find a compatible version of npm for node@$NODE_VERSION"
-            exit 1
-          fi
-
-          npm i --prefer-online --no-fund --no-audit -g npm@$MATCH
-
-      - name: npm Version
-        run: npm -v
+        uses: ./.github/actions/install-latest-npm
+        with:
+          node: ${{ steps.node.outputs.node-version }}
       - name: Install Dependencies
         run: npm i --ignore-scripts --no-audit --no-fund --package-lock
       - name: Run Production Audit